Yes, this is a debate I've had with the medical privacy7 guys, some of whom like the idea of using Palladium to protect medical records. This is a subject on which I've a lot of experience (see my web page), and I don't think that Palladium will help. Privacy abuses almost always involve abuse of authorised access by an insider. Recent case: 15-year old girl in Croydon, England, gets termination of pregnancy without telling her mother. This is reported to the local health authority, where her uncle works; he sees the report and tells the family. Palladium doesn't help here. Even if the unclse is constrined by the Fritz chip from doing anything other than look at the screen, he still has the information. The fix for this problem is anonymous reporting, with the identity of the girl known only to the treating physician. It is a policy issue, not a techjnology issue; if technology such as Palladium is introduced it will most likely be by health authorities trying to find an excuse to retain access to data that they shouldn't have in the first place. (We've seen a similar effect with smartcards in healthcare, and in fact the general phenomenon has an interesting similarity with what the environmental economists call the `social reward trap': making `green' goods available often increases pollution as people consume green goods rather than consuming less.) Ross --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com